Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
An incident investigator asks to receive a copy of the event logs from all firewalls, proxy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs, the sequence of many of the logged events does not match up. What is the most likely cause?
The attacker altered or erased events from the logs.
Proper chain of custody was not observed while collecting the logs.
The network devices are not all synchronized.
The security breach was a false positive.
Study thousands of practice questions that are organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.